www.ohioauditor.org
107.180.41.239 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://ohioauditor.org/ 3yr old
Effective URL:
https://www.ohioauditor.org/ 2yr old
Submission: On May 12 via manual (May 12th 2026, 1:15:34 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 11 domains to perform 86 HTTP transactions. The main IP is 107.180.41.239, located in United States and belongs to GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.ohioauditor.org. 2yr old
TLS certificate: Issued by R13 on March 12th 2026. Valid for: 3mo.

This is the only time www.ohioauditor.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	107.180.41.239 107.180.41.239	400754 (GO-DADDY-...) (GO-DADDY-COM-LLC - GoDaddy.com)
6	192.178.183.155 192.178.183.155	15169 (GOOGLE) (GOOGLE - Google LLC)
8	172.66.171.172 172.66.171.172	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:c21::61	15169 (GOOGLE) (GOOGLE - Google LLC)
33	142.251.13.156 142.251.13.156	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:400a:1000::5f	15169 (GOOGLE) (GOOGLE - Google LLC)
5	142.251.14.94 142.251.14.94	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:c17::5e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:c25::84	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE - Google LLC)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.20.156 142.251.20.156	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400a:1001::65	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	74.125.100.199 74.125.100.199	15169 (GOOGLE) (GOOGLE - Google LLC)
3	74.125.163.168 74.125.163.168	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:c13::84	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.251.13.132 142.251.13.132	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:c13::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.127.157 142.251.127.157	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.250.202.131 142.250.202.131	15169 (GOOGLE) (GOOGLE - Google LLC)
86	20

4 107.180.41.239 (United States) 1 redirects

ASN400754 (GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: 239.41.180.107.host.secureserver.net

ohioauditor.org 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
www.ohioauditor.org 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 192.178.183.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraw-in-f155.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 172.66.171.172 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.addtoany.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:c21::61 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

33 142.251.13.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wt-in-f156.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE - Google LLC, US)

region1.google-analytics.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 2a00:1450:400a:1000::5f (Switzerland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
imasdk.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.251.14.94 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pm-in-f94.1e100.net

fonts.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:c17::5e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:c25::84 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f155.1e100.net

bid.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.20.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bx-in-f156.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:400a:1001::65 (Switzerland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

gcdn.2mdn.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 74.125.100.199 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: ams15s45-in-f7.1e100.net

r2---sn-5hne6nz6.c.2mdn.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 74.125.163.168 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra24s20-in-f8.1e100.net

r3---sn-4g5lznl7.c.2mdn.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:c13::84 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.13.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wt-in-f132.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:c13::9b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.127.157 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfrai-in-f157.1e100.net

ade.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.202.131 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnfjra-al-in-f3.1e100.net

csi.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 10yr old tpc.googlesyndication.com — Cisco Umbrella Rank: 195 13yr old ade.googlesyndication.com — Cisco Umbrella Rank: 438 9yr old	624 KB
11	gstatic.com fonts.gstatic.com — Cisco Umbrella Rank: 22 10yr old www.gstatic.com — Cisco Umbrella Rank: 5 10yr old csi.gstatic.com — Cisco Umbrella Rank: 479 10yr old	173 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 9yr old imasdk.googleapis.com — Cisco Umbrella Rank: 593 10yr old	148 KB
8	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4293 13yr old	35 KB
5	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1598 9yr old r2---sn-5hne6nz6.c.2mdn.net — Cisco Umbrella Rank: 786262 5yr old r3---sn-4g5lznl7.c.2mdn.net 5yr old	1017 B
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 350 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 356 2yr old	27 KB
4	ohioauditor.org 1 redirects ohioauditor.org 3yr old www.ohioauditor.org 2yr old	4 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 400 10yr old	50 KB
1	doubleclick.net bid.g.doubleclick.net — Cisco Umbrella Rank: 1774 10yr old	19 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3281 5yr old
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42 13yr old	158 KB
86	11

	Domain	Requested by
39	pagead2.googlesyndication.com	www.ohioauditor.org pagead2.googlesyndication.com tpc.googlesyndication.com ep2.adtrafficquality.google
8	static.addtoany.com	www.ohioauditor.org static.addtoany.com
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	pagead2.googlesyndication.com
3	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
3	r3---sn-4g5lznl7.c.2mdn.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com
3	imasdk.googleapis.com	pagead2.googlesyndication.com
3	www.ohioauditor.org	www.ohioauditor.org
2	ade.googlesyndication.com
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.googletagservices.com
1	r2---sn-5hne6nz6.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.gstatic.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ohioauditor.org
1	ohioauditor.org	1 redirects
86	20

This site contains links to these domains. Also see Links.

Domain
www.addtoany.com
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
cpanel.ohioauditor.org R13	`2026-03-12` - `2026-06-10`	3mo	crt.sh
*.g.doubleclick.net WE2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
static.addtoany.com WE1	`2026-04-19` - `2026-07-18`	3mo	crt.sh
*.google-analytics.com WE2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
upload.video.google.com WR2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
*.gstatic.com WE2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
tpc.googlesyndication.com WE2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
adtrafficquality.google WE2	`2026-04-20` - `2026-07-13`	3mo	crt.sh
*.c.docs.google.com WR2	`2026-04-28` - `2026-07-07`	2mo	crt.sh

This page contains 13 frames:

Primary Page: https://www.ohioauditor.org/
Frame ID: BEFA7B03980A089670632A6E015956FA
Requests: 27 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: FD6EBBD63E20D9344640280594CD7EB2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
Frame ID: 3D51DA44FA57398EBA9504FCBD468FBB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&adk=1812271804&adf=3025194257&lmt=1751974591&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fwww.ohioauditor.org%2F&pra=5&asro=0&itsi=-1&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734900&bpp=8&bdt=92&idt=65&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=757995601790&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=81
Frame ID: C2B2F3D7C3E766DBC79E382387E3D85A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
Frame ID: 5F6F59A44B486894BCD9D31108142839
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591735453&bpp=1&bdt=645&idt=1&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=200&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Frame ID: F6BF68703BC6630E813E75C3DFB0F705
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
Frame ID: ED59917DF6C29D937B2EDE6A140BF401
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DNOn9ucjGcDAEr4UQ22Yn6KU5lfAo2RfGg-Zr8dz9q4.js
Frame ID: 77A21B5D03FA2D412DA279BC73369C8D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 47E0F6AC8A1A715BA624F352AAC35297
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8D17DA505FECF5BBBB94FE48DC58CD3F
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/activeview/js/current/rx_omid_video.js
Frame ID: 73CEA31C52C13D8303858BC95CA22D8B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/rx_omid_video.js
Frame ID: 970A5129E0A06023A236394E2CDF4B5D
Requests: 4 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html
Frame ID: 662CBDBB7CD6341959CF611DB0D2641B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ohio Auditor

Page URL History Show full URLs

http://ohioauditor.org/ HTTP 307
https://ohioauditor.org/ HTTP 301
https://www.ohioauditor.org/ Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick Floodlight (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.doubleclick\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

\.googletagmanager\.com/

Page Statistics

86
Requests

99 %
HTTPS

43 %
IPv6

11
Domains

20
Subdomains

20
IPs

4
Countries

1237 kB
Transfer

6692 kB
Size

3
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.ohioauditor.org%2F&title=Ohio%20Auditor
Title: Teilen

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C8K3a9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE5QFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOlX25z9O7N5aXnmVQOaV1N1QRQ2Pf1ITJ-OeIGZVSnM0FlPoum7CSmh9wAS0lMj74AWIBbats9NXoAYugAfKrvD6GagHp8yxAqgH4tixAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAtgHANIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WKLIw8Tqs5QDsQk71NJLxaC-7oAKAZgLAcgLAYAMAaIMA5ABAaoNAkRFyA0B6g0TCPfixMTqs5QDFX1FkQUdDl4MlfANAogOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcEGAFQBroXAjgBshgJEgL9YxguIgEA0BgB6BgBwhkCCAE&ae=1&gclid=EAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE&num=1&sig=AOD64_3JuCNvDkDo-CAYhDsYqSdNK8cnmQ&client=ca-pub-1164850912048075&rf=1&nb=9&adurl=https://searchsweeper.com/rd2/%3Fid%3D349695cGEtc2MtZG93bmxvYWQv%26cid%3D795590369421%26kw%3D%26target%3D%26source%3Dgoogle-d%26placement%3D197827627572_www.ohioauditor.org%26targetid%3D%26gcmpid%3D(campaignid)%26gad_source%3D5%26gad_campaignid%3D23528789686%26gclid%3DEAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C8K3a9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE5QFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOlX25z9O7N5aXnmVQOaV1N1QRQ2Pf1ITJ-OeIGZVSnM0FlPoum7CSmh9wAS0lMj74AWIBbats9NXoAYugAfKrvD6GagHp8yxAqgH4tixAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAtgHANIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WKLIw8Tqs5QDsQk71NJLxaC-7oAKAZgLAcgLAYAMAaIMA5ABAaoNAkRFyA0B6g0TCPfixMTqs5QDFX1FkQUdDl4MlfANAogOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcEGAFQBroXAjgBshgJEgL9YxguIgEA0BgB6BgBwhkCCAE&ae=1&gclid=EAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE&num=1&sig=AOD64_3JuCNvDkDo-CAYhDsYqSdNK8cnmQ&client=ca-pub-1164850912048075&rf=1&nb=0&adurl=https://searchsweeper.com/rd2/%3Fid%3D349695cGEtc2MtZG93bmxvYWQv%26cid%3D795590369421%26kw%3D%26target%3D%26source%3Dgoogle-d%26placement%3D197827627572_www.ohioauditor.org%26targetid%3D%26gcmpid%3D(campaignid)%26gad_source%3D5%26gad_campaignid%3D23528789686%26gclid%3DEAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE
Title: Own Your Online Privacy

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C8K3a9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE5QFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOlX25z9O7N5aXnmVQOaV1N1QRQ2Pf1ITJ-OeIGZVSnM0FlPoum7CSmh9wAS0lMj74AWIBbats9NXoAYugAfKrvD6GagHp8yxAqgH4tixAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAtgHANIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WKLIw8Tqs5QDsQk71NJLxaC-7oAKAZgLAcgLAYAMAaIMA5ABAaoNAkRFyA0B6g0TCPfixMTqs5QDFX1FkQUdDl4MlfANAogOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcEGAFQBroXAjgBshgJEgL9YxguIgEA0BgB6BgBwhkCCAE&ae=1&gclid=EAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE&num=1&sig=AOD64_3JuCNvDkDo-CAYhDsYqSdNK8cnmQ&client=ca-pub-1164850912048075&rf=1&nb=7&adurl=https://searchsweeper.com/rd2/%3Fid%3D349695cGEtc2MtZG93bmxvYWQv%26cid%3D795590369421%26kw%3D%26target%3D%26source%3Dgoogle-d%26placement%3D197827627572_www.ohioauditor.org%26targetid%3D%26gcmpid%3D(campaignid)%26gad_source%3D5%26gad_campaignid%3D23528789686%26gclid%3DEAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE
Title: Download SearchSweeper

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C8K3a9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE5QFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOlX25z9O7N5aXnmVQOaV1N1QRQ2Pf1ITJ-OeIGZVSnM0FlPoum7CSmh9wAS0lMj74AWIBbats9NXoAYugAfKrvD6GagHp8yxAqgH4tixAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAtgHANIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WKLIw8Tqs5QDsQk71NJLxaC-7oAKAZgLAcgLAYAMAaIMA5ABAaoNAkRFyA0B6g0TCPfixMTqs5QDFX1FkQUdDl4MlfANAogOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcEGAFQBroXAjgBshgJEgL9YxguIgEA0BgB6BgBwhkCCAE&ae=1&gclid=EAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE&num=1&sig=AOD64_3JuCNvDkDo-CAYhDsYqSdNK8cnmQ&client=ca-pub-1164850912048075&rf=1&nb=8&adurl=https://searchsweeper.com/rd2/%3Fid%3D349695cGEtc2MtZG93bmxvYWQv%26cid%3D795590369421%26kw%3D%26target%3D%26source%3Dgoogle-d%26placement%3D197827627572_www.ohioauditor.org%26targetid%3D%26gcmpid%3D(campaignid)%26gad_source%3D5%26gad_campaignid%3D23528789686%26gclid%3DEAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C8K3a9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE5QFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOlX25z9O7N5aXnmVQOaV1N1QRQ2Pf1ITJ-OeIGZVSnM0FlPoum7CSmh9wAS0lMj74AWIBbats9NXoAYugAfKrvD6GagHp8yxAqgH4tixAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAeaBqgH_56xAqgH35-xAqgH-MKxAqgH-8KxAtgHANIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WKLIw8Tqs5QDsQk71NJLxaC-7oAKAZgLAcgLAYAMAaIMA5ABAaoNAkRFyA0B6g0TCPfixMTqs5QDFX1FkQUdDl4MlfANAogOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcEGAFQBroXAjgBshgJEgL9YxguIgEA0BgB6BgBwhkCCAE&ae=1&gclid=EAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE&num=1&sig=AOD64_3JuCNvDkDo-CAYhDsYqSdNK8cnmQ&client=ca-pub-1164850912048075&rf=1&nb=1&adurl=https://searchsweeper.com/rd2/%3Fid%3D349695cGEtc2MtZG93bmxvYWQv%26cid%3D795590369421%26kw%3D%26target%3D%26source%3Dgoogle-d%26placement%3D197827627572_www.ohioauditor.org%26targetid%3D%26gcmpid%3D(campaignid)%26gad_source%3D5%26gad_campaignid%3D23528789686%26gclid%3DEAIaIQobChMIy9zExOqzlAMVfUWRBR0OXgyVEAEYASAAEgK4L_D_BwE
Title: Better Search

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AZwrskUvDT53B9xUAj1bbTRw6iqq4Q1Nnz9qRpnyoMdyMyWdjI_Tj0Mcp98nl268q85wz0b8WdP2xQ8mdZnPTJ_m64gDFisL1bo47VPrpoGdY2D_yYIh6cOpmJSy3OMssMamRTBDM3ImbSSh-CQpYXVGPfZrQdi5udxzGCnTExnkTaRTIS9slutM-CnTnHFoMu2D83e6QLVm6pAg7qOSgYWkb0PfhgEfLh0Nhi6-5yG5LY6J5M2PH5PBE5v8dWAJv1URZ4n_XG7RxmMGG5XgXyIgpnh5iH6eYFx34aTzvNC3z31EoBRCc4WlQGGMsBaeD41Vk9GfbnBmSnc5eQtK9oN37neKuN8yc4vQ8lwkw94I8t46M7UGAq69owsC9s3mifxj4yf7wosCTRQ3msq53X9D4UZacRsoMIS8iplaRoyYVgF-7HEmQqKrxpxycYq70jwXu9S-J2nUkyTMmJA5koeBenXfSAwiWp8ddGWO1HvSC6TVEAJ6m0KFh-Y5qxxVLYSHBU515qJyCoTQclUN8d2xSGBKcKHpp1lDGD7DeRRrK7B0CRAhky9bCljzyOTvJthhJRvFbmjirBPjL87WHCMrlfRJ5qX6K2v1vpikl7o-Y9KoMdzV2SYZPcLcCYqkOXnsK1J_pPghaDOiqSYp7Xy6HCZTvPoJfNlc15f8kyKoQ25_dY_aMKM8-6tr1YPuC8OvEASVunEUvLO1wXLVahnxlSTY_zJcq9BGrpbuNrnACfT6cFNFNuKNDeuVdboRW_zIV2A6aF1rsMXgW6clF_muX8Vm6PM-489U81lX6w2Fv5xACm-sPDxCzq8p0Bqd8lLHDBpv8RVOKiCf8g_lOv4TtkEM_HRe86OclgO8empa-OJdjPeCQHsZKOx0A0nlKRb3ILWgsL21JPpTx1FiGP3686w_gFMHKMFnhoGl6hAH6XPl_t_sn-CYB-EaOa1DnySWpTqR0kCWfNsFVGsvClae0ezEmeOisMs4Vtm8QZ5JgArYBxAJ0hr2Lc-6sCaB8UrWUE5XMTrICMNO2bl1t79NH4CXWrGmyTOVUOGDjxduhPLbj7Sh8aRBo8hyIh-_bEgo5HcT8ptVcvdXB-AmoUFPIKaccDjspSAkVcmcKnKtKPKnxOTJwKlBZnoVzSc-W3tOouWJPJgdSSaBf1HHMNDCiQqfxjCA5u3PiaanfaB-MQLAAoS4je2igB7P4Sx0Wz8vXEDAs4s0jR_mgJsmnZwlIO2ZAdjS-ZoxuEzJX9FlpPEvJ0z_5LUXZgnIzLdz0YqVJRg-qQLjHsObXphz_KzFM3Ib_6xYTawOUC99cOAiahbjxNUmaDPaH7bu3ruw5daGIhK74BsPbNs9-PXA9Ig5YqCpcw6QHz1180mSk6UVbqMqVGdVyT2rxlTzbEHVAbxADnRJkwOw09DjhUevLARZ-irBr-feh6AEhr0ASXXhHckwmleOD58QhgOVWV_WUxYrGY0niGVP9a9-F5t-xAktcGlS3n5uikNztPw75df2JkriXq-mqJf2Zd7u4bdID5p9oDKmep05f7-t3pm2fZLnSj7ZZxvkxqtW9vX8QLsiVVSYV2bCTqaEzdhcdkgl4OHxBcl4MpbVtiniOl0eEixsN_zRv38PLHpC9zGXZ-zQ1NF1IgIFa9eQaIbDMRCy0CO9YTrQL3aZFDzOIN3l4972uo5jkB8pDWxQsI22GAIYZeJg5QNmFLqp1b2UAYkt96-T4eVq2e1TDT6pna0Qw26fil5tjIm_HjyZ8jNwbKFDHjtQXXR-9_14Z4qULFtFDd4ocyp3_a23v-yqFaHCkcJvUlo06GVB7V7COxAIA2-nLk7THS7RNseNaEwEa9P57Qx3H6g4_4ur-eoAtp5_2C8z0TmotFD2Pg-0C1gXb0bimJzZdFLH0LquWH22lIebeDxVrdKi5-j1aWjm-W1fWqYSqHjNyPm8SF6uYdw3UAsCX-qbbrD7teS1HiBDLWS-YGlGuaplvGFEbOz8INBLkja_tNdk13UKSGkZjmaV1zs99poKBuLiXyADTm1jUw&opi=122715837

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AZwrskVbzScKb2pCwBo2BuVPtrTjnUssCnKhnbJ9Hc3wSSX_4O97iLnPDG_RGfrwK2SswXLMQPLrihSicpAnLvzn2JbwKsnDmYnPjpo3PxFRzDsjVI-mpV1fL7kW6C8hfq8-vwqnvb7KS6k0653yjapUOSXIAQXXvcBfYD_TGPmglfKG8_NgxulH1JdPO7vaxyt9X4n_g6tRYhaTRJNj6l5uJoYiZA9jgOu81ILoW1aYVzfSkXNx29eSAQRF-6RauQwpMY6Wqrf9KUD3cpBuWp2646cMj_iOPkvDHQC4cG68K8Qgmw57uHos8mOmNdfBxLmFs0PEGZ3r63-pFC04rpcO9nfaqiW8SZemndhfTai4HxP1Juemgl_BzPHnctn3qrEmbEPAngsgoXGn84_8PvB9L1DFdjQqdB5hw_qgWLv7Y23IU2zmUf-giCttVnv4kRcSjddeCV0jOVL-k_WBT452Nq7M6Gg8-sXpDwbm-22Wp4jazUW6Fr2KfdJ4kRS9zASSy6-i8DV-PZ_ooUpA1N4QGM_noweKmJN4-asflzSwrD6GCtgLbfok0HkCoSXSAWjPOSOzmN53f5TGgDs-7UcF7NN-_oBTgSuOLqagwU91kCPRnZQF9Bf_CDgkT8sLHX7qghdhUeZLOzEAxdvbZGf2kDd49rC4y_EYxO72Mz90fAJd1kp-LYhsKyEgPAZgqu_uyaoQG9Xe3z3qrC-av4xNyDgbnxfPi3aIYkjq88-4nHHW_SjUnfKNXowADmKamfj3B8q0TpHiJvLhIR7nk6Onu9cGmPrI3PJyP_FVPrcML3CuHkHL6bBHh-C-QZjPmGG8y-GRGx50xhKDAsjjgSkXqnBj2n9stdD_LQw1Jpn-z_MKslE962j-dUKuq7riM7WVcaVASb1kyJf0TY2AvI2-pgGNEbX5i00CWK8m23bauudHNxHX31t-fh0cJEFrtR9UvIqmonAszu6JRynvSq9BJ-eaUxVVUahp60GI-NFzz5jZ9i0KXzLOQ-2GhiN6Dr3wLAHM_bUyPsAkSlJBzGah0S-uHEpMSMD_x30lH75EAougvtStSsGkE2nN8l0HuH5EpErNLxyfpSzLFz7W70pIfg_KrupnSF9RSlAOusW4zPRX2WmoWRARSjoy_678eZryke8fnxfdo2JcJ3g1isuYpFRN-PRYTKZX1N1h432wSj2TzAerZWHyxU8k8SewCPYNIx1A53MihM5gLrkaWYHdhQXpbJye7Fs3PMKgn_AEmJsVt2P3EUrAbtDdtLkV8ol-ohSfvh1ZH6uq73i1AEY-lJg1Po3y7f94-KIF84xGTyYoNqYQKE4sXw31AS0NApL_jWmuDmtMCmwqM0lca_x0bYh6J6bTmG1qxae_CmZdzNbPuEn_zGBkO-SHUh8r-gcH4DG1z-AE6k_rv3lhf-UGzc-psWhbAzhpWUfM9EsQLvNg19dMiMr10BpgzQ5_sUfGAxa3sLpOqVA9mCl_MbU0tAtIikg2XI-sK0Egabgt5PpZRgzh40xozA5-fKrzhJdKJ9yziLFUaP2ku8wa6lMe_3B5WRYTyiBZ5RPQcndtx1TXwd3wNIuCljRZ3wl8Awlx4SBLN6iNI5LnDnGouP7zR_wC_dDSBxf9zfsPWhRovYGp6RUmlUKtBT5mh4CiyDxEFv1A-Bg0v6vqZAgz0nFeHPyUQuaiWLSjDfSfjA3cKqw6hQLAJiXhEGEm7SV3_dQeA9-d8TE8D-OhU8aNUrdq50jDgtzH378Jy9_93UwNCK4wb8hNEzuzxlvanVDb-o3ckmi7cTubq2W9tE0on1ONQkD6wy2DggBUxlmbkXW4Lx8l6guDFlUgZPdY8-cjRziRi8XP-GuuTZy2gRfL7t7MgQQBvzvrHr5WOEyI1vtyfY44Taaq8-WjfLYQAm2_KEsdLhSfacooyycMbYlyRKJylF9YHtPFJpqdtIVviW9jUscj8pJVuTtevjWnbeHjcYj1pMGVkkDAsg&opi=122715837

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ohioauditor.org/ HTTP 307
https://ohioauditor.org/ HTTP 301
https://www.ohioauditor.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://gcdn.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/58EF114B14C9CE02FFDFEEECB74D483930CF06B9.89D5554DD92475CD33411220CFD61031FE57DE3D/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/477D5E9749B05130180FC4F8AB750D874AB2BFE7.1D823C426108B46FD4CB7D41D35C66ACEF2DA2C8/key/cms1/cms_redirect/yes/met/1778591735,/mh/sf/mip/2001:ac8:20:272::e02f/mm/42/mn/sn-5hne6nz6/ms/onc/mt/1778590843/mv/m/mvi/2/pl/48/rms/onc,onc/file/file.mp4 HTTP 302
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/481138BABFE960959038B29BBE85D011916EB103.19CCD3ED9D20630D5BD24A135D3BDFFC13845365/key/cms1/met/1778591735,/mh/sf/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-5hnesz7l/rrc/104/req_id/bb8b002bde2aa3ee/cms_redirect/yes/ipbypass/yes/mip/135.136.19.183/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1778591483/mv/u/mvi/3?file=file.mp4

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ohioauditor.org/
Redirect Chain

http://ohioauditor.org/
https://ohioauditor.org/
https://www.ohioauditor.org/

6 KB
3 KB

172ms
158ms

Document
text/html

107.180.41.239
GoDaddy.com

General

Check archive.org

Download Go to

Full URL: https://www.ohioauditor.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.239 , United States, ASN400754 (GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: 239.41.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 6604f32eb7497626f9877d5e56b6c10ad764c45193bf7738d7217a9a09be9f05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 2456
content-type: text/html
date: Tue, 12 May 2026 13:15:34 GMT
etag: "442500-196f-639695f26edc0-gzip"
last-modified: Tue, 08 Jul 2025 11:36:31 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 276
content-type: text/html; charset=iso-8859-1
date: Tue, 12 May 2026 13:15:34 GMT
location: https://www.ohioauditor.org/
server: Apache

GET
H2 200 style.css
www.ohioauditor.org/css/ 2 KB
914 B 160ms
158ms Stylesheet
text/css 107.180.41.239
GoDaddy.com

General

Check archive.org

Download Go to

Full URL: https://www.ohioauditor.org/css/style.css
Requested by: Host: www.ohioauditor.org
URL: https://www.ohioauditor.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.239 , United States, ASN400754 (GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: 239.41.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 83393d189a15d12f67572380a6924e151897dfc50b74834caa96b123d0869c1d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: "442534-9b5-6394d4f7b2740-gzip"
accept-ranges: bytes
content-length: 825
date: Tue, 12 May 2026 13:15:34 GMT
last-modified: Mon, 07 Jul 2025 02:07:49 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 49ms
31ms Script
text/javascript 192.178.183.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1164850912048075

Requested by

Host: www.ohioauditor.org
URL: https://www.ohioauditor.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

f1ec4f0e0cb9931671ad2fb330b70b42215e029486d6f6148086db52b9e92456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 390671023722923975
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 May 2026 13:15:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55327
x-xss-protection: 0
server: cafe

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 34ms
13ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.ohioauditor.org
URL: https://www.ohioauditor.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41da3adaac7bc1f3b65bb7b545ddc75e01c54aeb7e20041adaf3f38719d3f0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"891b7e8d2b953e451022ce5f738b45a4"
age: 28284
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=x%2FpbQZOEaYvEO3g3pqDLJ7hSMe2ard0NNERz35pgM%2Fon9PxqvU1Nlh0O%2B7K84ZJBmLUAO3qtLxqPiHMGHlFS%2BiYEnNEIgpycxtng%2BnGao1N2MjvUoGPKjwIdhvWzXOML1%2BWAemJWAg%2Fpr2g0bIUWhpcX"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b166ce05d9d6-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 466 KB
158 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:c21::61
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G4259FHN3G

Requested by

Host: www.ohioauditor.org
URL: https://www.ohioauditor.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c21::61 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc38f6c39c088f7020d66d05f51204e27bb1b6685f4f92d4555abe20fe247912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 12 May 2026 13:15:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161701
date: Tue, 12 May 2026 13:15:34 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 sm.25.html Show response
static.addtoany.com/menu/ Frame FD6E 716 B
993 B 30ms
19ms Document
text/html 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

access-control-allow-origin: *
age: 5720
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 9fa9b166fe51368c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 May 2026 13:15:34 GMT
etag: W/"551efc5187c9f500b4e394155ba03720"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DM3RCZgOhxY2RXWvNz8%2B%2F%2BAX1ZnTbzm9pldbWqe9I1b2%2BqjDuck0P0fHOrKa4MoS%2F%2BAqwWxODeHy83AkBQAbcNqBOmykRI0ztyHbkqoURmJO"}]}
server: cloudflare
server-timing: cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
x-content-type-options: nosniff

GET
H3 200 core.biiqrgxi.js Show response
static.addtoany.com/menu/modules/ 71 KB
27 KB 52ms
44ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

06a91f3806c5e2944500fa952d92aff620594de57dde7bd0428fe598603e363f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"c47a384cc63e45b2ffa54235bdad24b9"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H0zBn66nZFo55N7jvBD6coahNYqWLndT3ovJJQN3hYFONroVi59axpYtqGsRJNNDv73uBxAP14Icp1VulPAvfqnqmESm9KauRVuEChLjKRGlGrwrMSxG1xuEuYE1zSlR1zRZvaNp"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b166fc909048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/ 531 KB
173 KB 16ms
15ms Script
text/javascript 192.178.183.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1164850912048075

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

d7dc228520e1ad12b0367cd65bc8547945f64f046ad58b106a21e2f3ac9a9731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 10423224208293721359
age: 86194
x-content-type-options: nosniff
expires: Mon, 25 May 2026 13:19:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 13:19:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 177058
x-xss-protection: 0
server: cafe

GET
H3 200 de.js Show response
static.addtoany.com/menu/locale/ 889 B
1 KB 15ms
14ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/locale/de.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

590f6b0ea574d56c72e66504ed8d3d9f5005d48d004f1ac01f395798ce1a1589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d92e4bfab3e7bb7f93e876b4f8606fc8"
age: 21252
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=v1v6mr4SEYQ1U2e3OumSshhGnoKOGxODGVDrXWOe5caMxH6852PibJHWn2bZ%2BNqZkTpXEodnQ5R1ey%2FEHEbIsTSOEskO9tAi4RQuYj%2FBJ9EEFb5%2FG2AEkBefFxj9"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b1678e15d9d6-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
702 B 50ms
50ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://static.addtoany.com/menu/modules/core.biiqrgxi.js
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5FY6OzYUBDEt0ivpR2nkqk1rh49dYSG09B7IT4ExIw905QSCepbBdq%2F3c1o1Gx5gXkxmjqo9iYwotvwqmA7Mm6ZBUjbzseN0x3qEiyXXW5RPNBVX8J5yqhbb8SNKxdFSF2hMPKDz"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:35 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b1678c919048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
857 B 35ms
35ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://static.addtoany.com/menu/modules/core.biiqrgxi.js
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"68925fa8e347041c6006837e73c518bc"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=96rWztakh71ZCgaEPYRGOJtlnbotSFRJuNWiOxC9oH%2Bex51y7NXxH%2Fv%2Bb770fHn4IcuI9LrWnqt%2BaWFxKoMZOwKfn1uZjEDEp1vwMmEB%2BlPz2YJqqnicJkQG%2Fm5O6hbF0xeFDnjo"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b1678c929048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 645 B
948 B 40ms
40ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://static.addtoany.com/menu/modules/core.biiqrgxi.js
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FrkRfEoMCufWY4Bur2F4OXsv5Uzt6zoZ6uT%2FtEHReEzAWPLkajXEDumtBIQNBPV0yfeAEFpQ3MWSCO%2FdT1ydYm8H9QWfB3%2Fe9UPzptEPUF9WId6V6AD9XwTiq5BmTQhpoEEY9lAh"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b1678c949048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 link.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 25ms
25ms Script
application/javascript 172.66.171.172
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/link.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.biiqrgxi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.171.172 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1e450814698cfd54d68f041c25c741d2adbde4e8e31a256db1be23d413d96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://static.addtoany.com/menu/modules/core.biiqrgxi.js
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"dd9ed66e949db0815ba57f9db1b47951"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MmWcPtTslj%2BzUmbBkU1qvTj4wLS6K%2FQx8IVKnNc7Xtm2ZKKzOuKkFY8ysa%2BLlmgHJ%2BE%2B3B65zWgCvbPLrVlw22mUkyRZ4QIbEmD6eadq3LbPmDe9PDQZWcuBlkT7f6n59Sx5X7%2Bq8nzV5q2%2Bm4LQyhFg"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 12 May 2026 13:15:34 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9fa9b1678c939048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html Show response
pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/ Frame 3D51 8 KB
4 KB 23ms
8ms Document
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

c92e82828cdd0d552fe0f769a91427c6f0df8b06f7252abea603ab53d8f4e2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

age: 22579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 06:59:15 GMT
etag: 2682333595741055678
expires: Tue, 26 May 2026 06:59:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame C2B2 119 KB
30 KB 440ms
436ms Document
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&adk=1812271804&adf=3025194257&lmt=1751974591&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fwww.ohioauditor.org%2F&pra=5&asro=0&itsi=-1&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734900&bpp=8&bdt=92&idt=65&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=757995601790&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

5f9db619851137f6b5d5ee97fb9856459806e139e1abd90c5a559edc38530646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 30385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 13:15:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 5F6F 125 KB
42 KB 581ms
580ms Document
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

cf15c97fe35c689ed643a78b263b5aae0f2f2eff66c7593fbaf86dc9b536cc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42894
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 13:15:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
19ms Fetch
text/plain 2001:4860:4802:34::36
Google LLC

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G4259FHN3G&gtm=45je6581v9170141084za200zd9170141084&_p=1778591735014&gcd=13l3l3l2l1l1&npa=1&dma_cps=a&dma=1&are=1&cid=1650354046.1778591735&frm=0&pscdl=noapi&rcb=0&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B148.0.0.0%7CGoogle%2520Chrome%3B148.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=de-de&_s=1&tag_exp=0~115938465~115938468~118463261~118494634&sid=1778591735&sct=1&seg=0&dl=https%3A%2F%2Fwww.ohioauditor.org%2F&dt=Ohio%20Auditor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=884
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4259FHN3G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0
report-to: {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ohioauditor.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:138:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/ 193 KB
65 KB 8ms
8ms Script
text/javascript 192.178.183.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

9cd5aa05f0dec2cf179ea8a206308a208a1c411ef36592c601acb0585dffcad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 5963182558489818643
age: 60255
x-content-type-options: nosniff
expires: Mon, 25 May 2026 20:31:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 20:31:20 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 66057
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ 5 KB
2 KB 65ms
28ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

be366c696c4d79315aa4e817ddedc09b7f6dc13ee0456dba3377aea5a75a9849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 May 2026 12:11:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame F6BF 9 KB
3 KB 284ms
284ms Document
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591735453&bpp=1&bdt=645&idt=1&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=200&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

7a8f7e654300ed4d2ec23cc8b66b72dcc471e30c3765c3b4c192f3f5deb14de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 2726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 13:15:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 192.178.183.155
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=31098359%2C95387509%2C42533293&hl=en&pvc=1017319508765501

Requested by

Host: www.ohioauditor.org
URL: https://www.ohioauditor.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 zrt_lookup_fy2021.html Show response
pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/ Frame ED59 8 KB
0 0ms
0ms Document
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

c92e82828cdd0d552fe0f769a91427c6f0df8b06f7252abea603ab53d8f4e2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

age: 22579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 06:59:15 GMT
etag: 2682333595741055678
expires: Tue, 26 May 2026 06:59:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/ Frame ED59 21 KB
8 KB 10ms
10ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/abg_lite_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

fd3b9caaa2802b5afabfd40b73ee5ed7727b92185e5d185fb1a908e181af7fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 15138695451174732648
age: 69980
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:49:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:49:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8469
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ Frame ED59 21 KB
2 KB 91ms
54ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

1fed9a9f0c2575723702f958957d187a562ee172f0df5c1889e2d339676ab949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 May 2026 12:55:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/ Frame ED59 15 KB
3 KB 81ms
35ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.css

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 3252
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 12 May 2027 12:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 12:21:23 GMT
last-modified: Mon, 20 Apr 2026 10:46:55 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2920
x-xss-protection: 0
server: sffe

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/ Frame ED59 390 KB
134 KB 61ms
15ms Script
text/javascript 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7fb54c58fa186a99c05a7ee4518a13df0553ed06b39e375f0d3190faa614123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 2205
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 12 May 2027 12:38:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 12:38:50 GMT
last-modified: Mon, 20 Apr 2026 10:46:55 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 137020
x-xss-protection: 0
server: sffe

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/ Frame ED59 20 KB
8 KB 13ms
12ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

72869ba28dbe7dfde1cac4d1bd0ea84e491738e0fd578232aaaf90c693095b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 11196190604902853639
age: 69789
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:52:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:52:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8623
x-xss-protection: 0
server: cafe

GET
H3 200 KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWub2bVmUiAo.woff2
fonts.gstatic.com/s/roboto/v51/ 22 KB
22 KB 24ms
8ms Font
font/woff2 142.251.14.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v51/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWub2bVmUiAo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.14.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pm-in-f94.1e100.net

Software

sffe /

Resource Hash

5bcc3aa180e7f26f643cd5b2621cd7c2de193d0661d913a94afd3d4881a7a34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 293324
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 09 May 2027 03:46:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 May 2026 03:46:51 GMT
last-modified: Wed, 18 Feb 2026 19:51:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22200
x-xss-protection: 0
server: sffe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 58ms
56ms Fetch
image/gif 192.178.183.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ping?e=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 css
fonts.googleapis.com/ Frame 5F6F 17 KB
2 KB 30ms
29ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

cb0a81e3b65b55f5686972c4337591bfe6f2b9113e5965942c2141d53ad1f477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 May 2026 12:09:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/ Frame 5F6F 2 KB
830 B 11ms
11ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

e3fc6feef49f4a4b66fe2e52c683234c4f7cbec1c7845b27098c939e77f4a2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 14583675982072969242
age: 69789
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:52:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:52:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 803
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/ Frame 5F6F 21 KB
0 10ms
10ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

fd3b9caaa2802b5afabfd40b73ee5ed7727b92185e5d185fb1a908e181af7fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 15138695451174732648
age: 69980
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:49:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:49:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8469
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/ Frame 5F6F 3 KB
1 KB 8ms
7ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

8b925b4e5891d39f0ce66a499c87d39286e308916e3ad36dcd22b7548079d30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 7208902950285533371
age: 69980
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:49:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:49:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1227
x-xss-protection: 0
server: cafe

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/ Frame 5F6F 20 KB
0 0ms
0ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

72869ba28dbe7dfde1cac4d1bd0ea84e491738e0fd578232aaaf90c693095b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 11196190604902853639
age: 69789
x-content-type-options: nosniff
expires: Mon, 25 May 2026 17:52:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 May 2026 17:52:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8623
x-xss-protection: 0
server: cafe

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 5F6F 0
0 42ms
42ms Fetch
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=C8FWu9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE4gFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOhf0xq2_X1U_4fKUtU7sO10icQcTdnwLsD0uWYnfpE4YDqB-KQt9wAS0lMj74AWIBbats9NXkgUECAQYAZIFBAgFGASgBi6AB8qu8PoZqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwDyBwMQ9m3SCDIIkeGAUBABGJ8DMgiri4CAoICACjoOAICAgICAlKiIAqiDgBBIvf3BOliiyMPE6rOUA4AKAcgLAaIMA5ABAaoNAkRF6g0TCPfixMTqs5QDFX1FkQUdDl4MlYgOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcgChoIABIUcHViLTExNjQ4NTA5MTIwNDgwNzUYABgBUAa6FwI4AbIYCRIC_WMYLiIBANAYAegYAcIZAggB&sigh=NAgU2a9DqNA&uach_m=%5BUACH%5D&template_id=5000&ebtr=1&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F6F 238 KB
73 KB 9ms
9ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

53d19123ff2ed00dd54939185bca727b5740e259f677f0e632917b8f3ad1dfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 15924000242186357972
age: 1208
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:55:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 May 2026 12:55:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 74908
x-xss-protection: 0
server: cafe

GET
H2 200 3cefa33ff05f9439fb49395d60d79c3d.js Show response
www.gstatic.com/mysidia/ Frame 5F6F 41 KB
17 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:c17::5e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/3cefa33ff05f9439fb49395d60d79c3d.js?tag=addon/mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c17::5e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

68e9ffb3e0ae248fd2f99436ba0efbdcf72f84e1274975a215a025f5a5d5f591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 58355
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 21:03:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 May 2026 21:03:00 GMT
last-modified: Mon, 11 May 2026 17:48:28 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-opener-policy: same-origin; report-to="mysidia"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
accept-ranges: bytes
content-length: 17084
x-xss-protection: 0
server: sffe

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14047743118370475498/ Frame 5F6F 8 KB
8 KB 39ms
7ms Image
image/jpeg 2a00:1450:4001:c25::84
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14047743118370475498/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c25::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

294f5a7e8c6ab412f4bc2cb5c340220954f5bbbf5932555c34ee15df39ada3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 454400
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 07 May 2027 07:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 07 May 2026 07:02:15 GMT
last-modified: Sat, 04 Oct 2025 00:15:35 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 7904
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 5F6F 218 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02661045878986f965e26cfc34f3b85d5450f80491c98d5f00472dc4c6f8707

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F6F 0
0 39ms
39ms Fetch
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F6F 0
0 39ms
39ms Fetch
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F6F 0
0 43ms
43ms Fetch
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame ED59 0
382 B 68ms
18ms Ping
image/gif 2001:4860:4802:32::3
Google LLC

General

Check archive.org

Download Go to

Full URL

https://csi.gstatic.com/csi?v=2&s=osv&dmc=32&puid=1~mp2nlidu&c=909306573436&slotId=454653286718&qqid=CJKbxMTqs5QDFZFKkQUd6k8jCQ&fb=outstream-lima&sei=44752538%2C95363795%2C420706098%2C789179015%2C798227501&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: date,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pagead2.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v51/ Frame ED59 42 KB
42 KB 25ms
9ms Font
font/woff2 142.251.14.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.14.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pm-in-f94.1e100.net

Software

sffe /

Resource Hash

1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pagead2.googlesyndication.com
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 521221
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 May 2027 12:28:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 May 2026 12:28:34 GMT
last-modified: Wed, 18 Feb 2026 19:51:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43136
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED59 0
20 B 39ms
38ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cd_of9ycDatLDAZGVxdwP6p-NSYPhmPyGAdWMksy0FMXKt4OnBRABIK_HoJIBYJXikIKgB8gBBakCw7gpPrGqCD6oAwHIA5sEqgT_AU_QJXEFQIb4Wn_hcaM6PQ77owRufT8l_t-iaL5RnHxIhHEztMFKsanYJdLBrs6g6A7OZ95XOD4CiGDAHeLuwJISYivhQHzmL8YMjKfuzjHYe2_BZ8KYOQ7sRL9glnL9mj-3Lm88oBQe62AUq0ZZkNeiSavi_UL-M31-akLlC1I7Y7FVkQh21oJ7zwWnLQ9m6jeWgtKazyyPgKMO2CYbLUdJ4Oa-JFJx3fAJsiTYTwcerUfU_I-KzWMYEoM-EVqI2ZxtE9p4CqBu2FypFMkMuHIrCLRUQikvbuRmMtTOmD4kKp3JiPgFKXm1vL6aljoZlmTiJ0Af5xs-nVUTS2VSpMAE8Oi76doE4AQDiAXPy8L8TqAGdoAHmJ2k4gSoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB-fXsQLYBwDSCDIIkeGAUBABGJ8DMgiri4CAoICACjoOAICAgICAlKiIAqiDgBBIvf3BOljBgsPE6rOUA4AKAcgLAYAMAaoNAkRF6g0TCKGixMTqs5QDFZFKkQUd6k8jCfANAYgOCbATk9ySIsgTsI_a5APQEwDYEwqIFALYFAHQFQHKFgIKAPgWAYAXAbIXBBgCUAboFwWyGAkSAtJSGHYiAQDQGQHYGQE&eventType=clickstring&clientTime=1778591735684&ai=Cd_of9ycDatLDAZGVxdwP6p-NSYPhmPyGAdWMksy0FMXKt4OnBRABIK_HoJIBYJXikIKgB8gBBakCw7gpPrGqCD6oAwHIA5sEqgT_AU_QJXEFQIb4Wn_hcaM6PQ77owRufT8l_t-iaL5RnHxIhHEztMFKsanYJdLBrs6g6A7OZ95XOD4CiGDAHeLuwJISYivhQHzmL8YMjKfuzjHYe2_BZ8KYOQ7sRL9glnL9mj-3Lm88oBQe62AUq0ZZkNeiSavi_UL-M31-akLlC1I7Y7FVkQh21oJ7zwWnLQ9m6jeWgtKazyyPgKMO2CYbLUdJ4Oa-JFJx3fAJsiTYTwcerUfU_I-KzWMYEoM-EVqI2ZxtE9p4CqBu2FypFMkMuHIrCLRUQikvbuRmMtTOmD4kKp3JiPgFKXm1vL6aljoZlmTiJ0Af5xs-nVUTS2VSpMAE8Oi76doE4AQDiAXPy8L8TqAGdoAHmJ2k4gSoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB-fXsQLYBwDSCDIIkeGAUBABGJ8DMgiri4CAoICACjoOAICAgICAlKiIAqiDgBBIvf3BOljBgsPE6rOUA4AKAcgLAYAMAaoNAkRF6g0TCKGixMTqs5QDFZFKkQUd6k8jCfANAYgOCbATk9ySIsgTsI_a5APQEwDYEwqIFALYFAHQFQHKFgIKAPgWAYAXAbIXBBgCUAboFwWyGAkSAtJSGHYiAQDQGQHYGQE

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame ED59 0
60 B 58ms
20ms Ping
image/gif 2001:4860:4802:32::3
Google LLC

General

Check archive.org

Download Go to

Full URL

https://csi.gstatic.com/csi?v=2&s=osv&dmc=32&puid=2~mp2nlif9&c=909306573436&slotId=454653286718&qqid=CJKbxMTqs5QDFZFKkQUd6k8jCQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.js&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: date,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pagead2.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame ED59 38 KB
19 KB 97ms
49ms XHR
text/xml 74.125.206.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DoiqfBP_3DEhR-ju2P7FDRhoNWm84OXA5P64RDF1bCRsYiucOb47l0To9JlI8orjLtDpcWioq_5gTaUapM7kxW9XdyWQ&cry=1&dbm_d=AKAmf-AoRuQ1WZwFNev_ioaS-OToi8-sYapWISB2Ubn4_MHfR0pefT5nCmK0itz92mulWV_LvXmGKcmLrSg-ovvhvte-jR7Hsr7xXm23iHoghSDXNpMTnSvd2AzSsMGsr7vIKkuX8f1utellxk0_Y9lUTgsrFhJqrewugEqtRPWTdtiFTXsFJSJEdpfyxwqx0doZcXFAPmk6Nr2oUAK35JRH6j1GQ3zoAMKUEUnak0nChmKPraG6afFxgQKDytB9Rw5fEt7vJ1NvgGHnWxQVaaz7m-tN6qizrpHGMzGPHRRO7yOf9nic867voeRZHFMQHiWb3MlRm93YWF5gD3ryvHixYH37DmJtCKAsxNiG8rdUQ2P6_S15-mTbcyPwhribOQ6fGgaijOQYqIK_H-wyzaKCOGULCnNWcpNJmWDKiiqgOx9aHKUrUtcttV0U-hoc7BMHpKQSAzqdFh5YSClZa6AiLBJxcvujF6t2y6zVcDbYliymb1OCISG_rc77ALQf-st5PioQpwdW3jkmK8TQ-lRoNeql0pltZ_IaZlbUMx8KEPzercMdhO9yv90Y28oveU7KdpEU4ejtoiBrN3U_56qRXy08FATk-BnkhEUlHMrxyyom24nfypsfZQyzQmsS0aF5bPHyuB8YcBdoxaMAoLBppPPKgULlwLHndx7-rM9prmuP2gKuSYAhmDH2IKvXzsvKo9qnscvrkVcCgMUjdYd0EtSJe8wOyDOYpU0gMYxpQA8knp2FIZyKk8T8mh5DltUBWX78DSpd98aV1s0KBRuoVP_KKATa88qXXODt3KR0vkcmoafIbV2-xhDu4dlEICJeXDd1Ixxrskk0YEG6ySuAziOZAfNZO7oLast7AFWZisD620hTFJ95iz2AScIxuU1sMYEgEuK5Sr09h377vMMDx0LnGHGQqadESOg8_7_Kx-3m_rMQiKVSzqSzkwF1RXlC3z99GdAJdpD8H9xdB0O6OcMWL5urnZ92n6_O5nKgPmpvcEd_bakX0G2Tw3XHntiEkdf3g65WOiiJOjNcE2Z4611Z5ktWisIb1lqAzRhGReMPPlIxyQb9JZBXpRQfnUdj2muBAluMojpO-IGS7ZTN_IFcer-wDWzzffdnqb5Vh8ePT9XzvHlw-xNxnSNNiRHoouIGLx5F32mj8vBUGOWWYUYkC8Xq2djIhLaW__X7WGVJVRazvfp5ZYr_Lj6PbhwC4HGRfKwWrd51UcH9VIAuY6ybuAdVBDR_HWDFkNyjpYgXscgfkXa5_p8yb4diPebje3uPOhfr--KUAxDk80S7mONGpuXhpXN0_zFsfAiWh6mOSsrCobLGmJszBA_AdeLVvtGQTyLcEIulm_hud8msnEq1zsCZ_c7-wlM-r6nceZGDb1CnxUJrcBd8cgnjIVF2LvpXHWnJnCxUOVBgNJLOEtmgsuFjQ2KAu41Gq2HpNEqp3L3wi4reRMIPJyEPTbc1lfd4VU5a4h4yLG2QUHEcSbSoi-kxPKAcH6zS-i_74J9FUuZEwjc7LFNIbnJcPuWh2BT98aOJRZWKZ21CGtRBrZgdk-rDctL6-1_ueBK6o_uHwnfCDCPguSZpHozmNyNPMnGm8FNh_QK95YxsEbPr_yHYQz0PlZ-1Q7-R8xL6Wz_dS-AF04SHsXonSu2VLkDplGjn6aUKKcTHJ6pUIS_LLXPWae4l1VZGmrNA36rKpeOEzXJ1NP3uHJj0xzKt8P5PzWfMxp2L7cdnhl174mo2zNW0KxHmgck4xqPF7yRI9uDcRgLVJI_pJoc45rlwfur6T-3zDvHj-MOQcSqz4WzErTrX6vn5rXDqW9VGWIGpsr4TZy1oYA3vPcZTJrMA9uALqudfKLfyL2L5u7frktTqY3a7iUFQUPq1uP87986LS7DyVVsVWA4YpWx1cEbpu0RCaBTMm2pu-CaQQeVi5sVkMaaa_K5AL2GMj1IJndFtlcQHCq3rtHIsv5GNdp4huczKD6Bcp7W0rLah1NDYlMolWGhbO-eAcusTH24pJJN-Deb0cupJT4nNYO_WqVVQvgXSmfbW763wNZUjMjIzNOlulYCY3xQIDB2j7bnCvpIubLNrhsFjJ9vqyifKT4JQvK5PL7EGVs827TVyHLRZK3Af56_-DILs_6rxB7V4qu7Fm5dNrmq9JPoDWU1ox3MqOFxQAGvcXY5TQGc-kRsF3MD_XGskVvkl7RKMM-xpczTHJJlE36hFKmhcspnz2exzbnBLhUXF9vc0xql-rvkwItbaWrTw-yrtWUM9RV6PH6PULl9tyfSAMLVCzUVaE7N3gjxyyDL75Y8nBPOSPz5xFKRDO2bRiHWhnmpYiaYElT82t8Zxn0g_VD20KLe8j7cuT_nB4sW6fGVrEsF35Yb4lLF9J4GXuzSkaVts84MOtqagFoJmlpsH9Zcxh-fIA9EsvWbIyvzPJjs2bABIctvJgig-g7ScdxwbXC2XVqmAlO5uTvwp0cQnHd7XOxrSSbOdqtFTp_tTELr09nveu7GDFBCD8Wa_XuTfAm53PyYkXi-YtnFTaDYMMCzrSSNkl6miZ2KOtt_vVmYh4scHuPgP7_l0z5TpsohlJtRTFzSYdQaHLQnLZ2imn3fqweW3vRLmbP8OtzPj2AZBODpaRtk7UiFfkB2du8X_aO8FCsgjStVYPGREfNakUhJdt1gBzchzec4CcWMFUIKHpFueKWFWUcMHtBM5SNMkHDALvF3Yt_eRCCd9-HhtE7fXmI88yDYaUQ5hfXFGlXdMcjexhRMZohgUIc-UEGtVoAnc5mlpHMqSQTzPQglJrD3vyevtr1X5DP-UNqMMVo2x9xhw4yLv60rnZS1Tyi65WEPsb_0iOp3BSZHyKxi_pLPoCF1qIjztHZgQewzH7rTHd-nxTBwU-cFZVM4WK8e9vh0Tu9baDAXDu65qTMV7z_lJ71gEdaCy6FVUI_EUd0W3yGkZjHYbg-PmdYrk1Ke_65ee9WlUDO9xN5PmIlIUFzHCmwsfbIOlOZBFp8VIj4yXy5FLG6ngssseVzO3HVeL8sE9Y7bBB-BnU3UdZUZQO_h6sZmlI3gNOvj6nx9TqNPQ-3BLUx4aDGgEsN39Q2JJTW1wlXuvqwARGxWz68Ic7ooOluZxCcutBc1gyd-Yr4SebPib0dY1ISnmP0bGk1qEOulfnausx9gbQ0ACbfbvBa7a-8p7VFQv8urKYafRlVeUWvGtZ30Op1ZbKlexmXFB99bAAlPNYWeaMnk48zdDT_95W0r1QNC4v2sffdWRNt1WqUgucsrQq2vj9RTg14etqFRX9u26rAMSPaoWW1DYGlEr-tukzenN-Gmnb7rxHIskWskbxDVpLMOKg92cpZr-IoWBFox2bVC-qutt3ikDl64l_FGTD_yQ6oDwxv4UnyHbWAyPLpAAzqTi6w6EXnhsDG1UCLPfAJ-UGWZwZ4jj15SkATuxDS58twJurc-PMpSMTpHlpuuLSpQwVPNx7DkidpsvyDv2t1fSuSo5DnkO_wXwHt8MnvQLPOJ2g3TDYqBdssuK31G9NP6rEcXRkLHPqGJGXMdETm9u_NwTPL7WCQKyL3CSaqG8Te7oplPkB1-3PN-CxmmIJHD8ioeT3cyOGWrbamhEwhO4vV8yQO5rJJAJ5lJe-Iz549ZJDeNfMwWFuxorBrI1QrbUCAU1RZ65JdaKhIWV-kw_VJIzx0Obme2FOJXXfdrEJLywlRoaGmLvKiwOt7ZzM0CxXGei-KLSpS8UvVL5otiOUI9bc631cOTDsOUdFgE-NmVDW0FVtP9PLb-7Kcr3s14Q1Qye8M39TJpwK2MPvY03_AVQ7J7-rH8pzk_mFvJlLUdf6_hPxUY_hskMYLtSXwt_QfrbQ2D919wqUwjPfYSGY7lKyQQ_lVjLVoOFFlhThq5z2rtzFMLkGlgbbMJx1MrgSA003369fEg_cwcQIylUql4bX3kt2bwZqGCJDIV8HZOLeYraNT6m52oC9TwaQH6MepIy8lK0cnor5ExzUxorqpEIleq-_VGKin4VMzL75w1RBbmy7BJ8sWWuD02SwtO4r6dQ3UQsXBDrDQD-cwXZwEJ0dvA4ZdpImxP0H3-sT5zPImyFtTomRS_ZGfq9JRSDoAARjBLhkA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

b41b7d5a5242b41494fdbb38f5cabcce000bf075d1cb7af4a9bb28e89523a03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/xml; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pagead2.googlesyndication.com
content-length: 19057
x-xss-protection: 0
server: cafe

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame ED59 0
0 42ms
41ms Fetch
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=C6Kqj9ycDatLDAZGVxdwP6p-NSYPhmPyGAdWMksy0FMXKt4OnBRABIK_HoJIBYJXikIKgB8gBBakCw7gpPrGqCD6oAwGqBPwBT9AlcQVAhvhaf-Fxozo9DvujBG59PyX-36JovlGcfEiEcTO0wUqxqdgl0sGuzqDoDs5n3lc4PgKIYMAd4u7AkhJiK-FAfOYvxgyMp-7OMdh7b8Fnwpg5DuxEv2CWcv2aP7cubzygFB7rYBSrRlmQ16JJq-L9Qv4zfX5qQuULUjtjsVWRCHbWgnvPBactD2bqN5aC0prPLI-Aow7YJhstR0ng5r4kUnHd8AmyJNhPBx6tR9T8j4rNYxgSg2YQgKXT3sojSJ6EEVVB7eqsT14T9Fj9aye33klY7s47_dYl_-NZaDRGxysx5S0i7DEy9Ca6fAac6SR-X_4sbk7kwATw6Lvp2gTgBAOIBc_LwvxOkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBoAZ2gAeYnaTiBKgHp8yxAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAf3wrEC2AcA8gcKEKKIBRionenAAtIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WMGCw8Tqs5QDgAoByAsBqg0CREXqDRMIoaLExOqzlAMVkUqRBR3qTyMJiA4JsBOT3JIiyBOwj9rkA9ATANgTCogUAtgUAdAVAcoWAgoA-BYBgBcBshcgChoIABIUcHViLTExNjQ4NTA5MTIwNDgwNzUYABgCUAboFwWyGAkSAtJSGHYiAQDQGQHYGQE&sigh=XjBZrekZA7s&uach_m=%5BUACH%5D&vt=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
DATA 200
OK truncated
/ Frame ED59 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ddabe47663dce323b5e45c2f934ab4623a1db3ef9d8b1a96121dd2c896689c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v44/ Frame 5F6F 47 KB
47 KB 11ms
11ms Font
font/woff2 142.251.14.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.14.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pm-in-f94.1e100.net

Software

sffe /

Resource Hash

d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pagead2.googlesyndication.com
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 310843
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 08 May 2027 22:54:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 May 2026 22:54:52 GMT
last-modified: Mon, 15 Sep 2025 16:30:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48320
x-xss-protection: 0
server: sffe

GET
H3 200 view
pagead2.googlesyndication.com/btr/ Frame 5F6F 0
0 41ms
41ms Fetch
text/html 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/btr/view?ai=C8FWu9ycDaouFAv2KxdwPjryxqAniqKOPhQHxltr_wBXy6LS1-QEQASCvx6CSAWCV4pCCoAegAcr2n5s_yAEJqAMByAPLBKoE4gFP0K8rmhjwdcijwcxKLKuODfMc2btR3Q4L0iwotGonLfjHhhZG0T2YI45xyLlKyA7SZPwInvEwqfHjlqARAvwf6bp-BIpHd2vAczG3LCYcJoRocgTgA-l0yqrNHPEDI8bdGRUvvBDITSmn8QFKLfyANBVgLF5TisCZ_1tWtzUrUvLUDOZqeA-wnBCNgjUzJpwN04nF9QPSJSr5cQUnvtnQ97EpBppBYdXjXUZjyD89ZyK73fIeAwAF7d7DOhf0xq2_X1U_4fKUtU7sO10icQcTdnwLsD0uWYnfpE4YDqB-KQt9wAS0lMj74AWIBbats9NXkgUECAQYAZIFBAgFGASgBi6AB8qu8PoZqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwDyBwMQ9m3SCDIIkeGAUBABGJ8DMgiri4CAoICACjoOAICAgICAlKiIAqiDgBBIvf3BOliiyMPE6rOUA4AKAcgLAaIMA5ABAaoNAkRF6g0TCPfixMTqs5QDFX1FkQUdDl4MlYgOCdgTCtAVAZgWAcoWAgoA-BYBgBcBshcgChoIABIUcHViLTExNjQ4NTA5MTIwNDgwNzUYABgBUAa6FwI4AbIYCRIC_WMYLiIBANAYAegYAcIZAggB&sigh=NAgU2a9DqNA&uach_m=%5BUACH%5D&template_id=5000&ibtr=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 DNOn9ucjGcDAEr4UQ22Yn6KU5lfAo2RfGg-Zr8dz9q4.js Show response
pagead2.googlesyndication.com/bg/ Frame 77A2 61 KB
23 KB 10ms
10ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DNOn9ucjGcDAEr4UQ22Yn6KU5lfAo2RfGg-Zr8dz9q4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

sffe /

Resource Hash

0cd3a7f6e72319c0c012be14436d989fa294e657c0a3645f1a0f99afc773f6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
age: 479837
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Thu, 06 May 2027 23:58:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 May 2026 23:58:18 GMT
last-modified: Mon, 04 May 2026 12:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 23842
x-xss-protection: 0
server: sffe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 54ms
31ms XHR
application/json 142.251.20.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260507&st=env&sjk=1017319508765501

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f156.1e100.net

Software

cafe /

Resource Hash

cca5cfe00f3c3bc1f188967810d2f69e61f601c705b9a77611f4acae79ff563d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13611
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 38ms
38ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a5704a2c59946dd10ea8fecb69b31deb6e729501433422fbad8da4ac0abd58da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 May 2026 11:29:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 27ms
27ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b8fe4c1045a617e0825f881fd4d200db7e027d9dfa4be4f25905d73156ac0342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 12 May 2026 12:11:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 favicon.ico
www.ohioauditor.org/ 355 B
406 B 162ms
161ms Other
text/html 107.180.41.239
GoDaddy.com

General

Check archive.org

Download Go to

Full URL: https://www.ohioauditor.org/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.239 , United States, ASN400754 (GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: 239.41.180.107.host.secureserver.net
Software: Apache /
Resource Hash: cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-length: 355
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyk.woff2
fonts.gstatic.com/s/googlesans/v67/ 23 KB
23 KB 10ms
10ms Font
font/woff2 142.251.14.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v67/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.14.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pm-in-f94.1e100.net

Software

sffe /

Resource Hash

c3e646e385b7f7fa06a4ff8d6a1c628b92948b58fec797f37c357257ed61e7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 513551
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 May 2027 14:36:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 May 2026 14:36:24 GMT
last-modified: Wed, 10 Dec 2025 17:14:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23076
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ Frame ED59 0
60 B 17ms
16ms Ping
image/gif 2001:4860:4802:32::3
Google LLC

General

Check archive.org

Download Go to

Full URL

https://csi.gstatic.com/csi?v=2&s=osv&dmc=32&puid=3~mp2nlifk&c=909306573436&slotId=454653286718&qqid=CJKbxMTqs5QDFZFKkQUd6k8jCQ&fb=outstream-lima&vast_v=2.0&vmfc=8&vhc=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: date,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pagead2.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame ED59 41 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:c25::84
Google LLC

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c25::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 2282
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:27:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 12:37:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 15407
x-xss-protection: 0
server: sffe

HEAD
H3

200

3
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,... Frame ED59
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/ip,ipbits,expire,id,itag,so...
https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,ex...
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,ex...

0
0

75ms
8ms

Fetch
video/mp4

74.125.163.168
Google LLC

General

Check archive.org

Download Go to

Full URL

https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/481138BABFE960959038B29BBE85D011916EB103.19CCD3ED9D20630D5BD24A135D3BDFFC13845365/key/cms1/met/1778591735,/mh/sf/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-5hnesz7l/rrc/104/req_id/bb8b002bde2aa3ee/cms_redirect/yes/ipbypass/yes/mip/135.136.19.183/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1778591483/mv/u/mvi/3?file=file.mp4

Protocol

Server

74.125.163.168 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra24s20-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Tue, 12 May 2026 13:15:36 GMT
last-modified: Mon, 04 Aug 2025 18:56:06 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: null
client-protocol: quic
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: null
content-length: 8017945
server: gvs 1.0

Redirect headers

cache-control: private, max-age=900
location: https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/481138BABFE960959038B29BBE85D011916EB103.19CCD3ED9D20630D5BD24A135D3BDFFC13845365/key/cms1/met/1778591735,/mh/sf/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-5hnesz7l/rrc/104/req_id/bb8b002bde2aa3ee/cms_redirect/yes/ipbypass/yes/mip/135.136.19.183/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1778591483/mv/u/mvi/3?file=file.mp4
timing-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
access-control-allow-origin: null
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
last-modified: Wed, 02 May 2007 10:26:10 GMT
vary: Origin
server: gvs 1.0
content-type: text/html

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame ED59 453 B
585 B 31ms
30ms Image
image/png 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1164850912048075

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 14:05:35 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/png
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v67/ 22 KB
22 KB 8ms
7ms Font
font/woff2 142.251.14.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v67/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.14.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pm-in-f94.1e100.net

Software

sffe /

Resource Hash

d2263711c4bed4e203c88ed278049c80d1d3b1fff690be0b3a516749cbb38c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ohioauditor.org
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 311808
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 08 May 2027 22:38:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 May 2026 22:38:47 GMT
last-modified: Wed, 10 Dec 2025 17:14:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22184
x-xss-protection: 0
server: sffe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 21 KB
8 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:c13::84
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c13::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8d603426932f2666666f4bd32b3dde726161c7f7413e385d2e124e6e03039c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: "1775059593017171"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7628
x-xss-protection: 0
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 47E0 45 KB
15 KB 10ms
9ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host:
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 857
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 14:01:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:01:18 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D17 23 KB
8 KB 8ms
7ms Document
text/html 142.251.13.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
age: 471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 13:07:44 GMT
expires: Tue, 12 May 2026 13:57:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_omid_video.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73CE 159 KB
50 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:c13::9b
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_omid_video.js

Requested by

Host:
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c13::9b Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5dd4a82416e8527e3b3cd4850c7000f40b971bf36a750f21a421764e2bbe0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: "1778153998773465"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 May 2026 13:15:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
accept-ranges: bytes
content-length: 51092
x-xss-protection: 0
server: sffe

GET
H3 200 rx_omid_video.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 970A 159 KB
48 KB 7ms
7ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/rx_omid_video.js

Requested by

Host:
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

02019a56847e149ee1544c13a302aa9987d8e496d38bd3cc8e3d54fb7d604184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 16881486905407404660
age: 3013
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:25:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 May 2026 12:25:22 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-7
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 48766
x-xss-protection: 0
server: cafe

GET
H3 200 MK_n3_4yBb5PQspzm0gYhnuZeqyYa0O-dZQ5WGlSCLw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D17 57 KB
22 KB 8ms
8ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MK_n3_4yBb5PQspzm0gYhnuZeqyYa0O-dZQ5WGlSCLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

sffe /

Resource Hash

30afe7dffe3205be4f42ca739b4818867b997aac986b43be75943958695208bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
age: 462633
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Fri, 07 May 2027 04:45:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 May 2026 04:45:02 GMT
last-modified: Mon, 04 May 2026 12:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22258
x-xss-protection: 0
server: sffe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Fetch
image/gif 192.178.183.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ping?e=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202605070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraw-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame ED59 0
60 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
Google LLC

General

Check archive.org

Download Go to

Full URL

https://csi.gstatic.com/csi?v=2&s=osv&dmc=32&puid=4~mp2nliij&c=909306573436&slotId=454653286718&qqid=CJKbxMTqs5QDFZFKkQUd6k8jCQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=965&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.mv~atrd.n1~videopreviewvisible.os&ua_e=1&ape=1&ple=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: date,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pagead2.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:35 GMT
x-xss-protection: 0
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/254/ Frame 662C 14 KB
6 KB 29ms
8ms Document
text/html 2a00:1450:4001:c13::84
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c13::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe2eddeaa8adad53d570fdeeb04412a07ec65ad99b25fe5beb092dfe4fb78cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ohioauditor.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
age: 1235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5457
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 May 2026 12:55:00 GMT
expires: Tue, 12 May 2026 13:45:00 GMT
last-modified: Wed, 01 Apr 2026 16:06:33 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MK_n3_4yBb5PQspzm0gYhnuZeqyYa0O-dZQ5WGlSCLw.js Show response
pagead2.googlesyndication.com/bg/ Frame 662C 57 KB
22 KB 8ms
8ms Script
text/javascript 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MK_n3_4yBb5PQspzm0gYhnuZeqyYa0O-dZQ5WGlSCLw.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

sffe /

Resource Hash

30afe7dffe3205be4f42ca739b4818867b997aac986b43be75943958695208bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ep2.adtrafficquality.google/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
age: 462633
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Fri, 07 May 2027 04:45:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 May 2026 04:45:02 GMT
last-modified: Mon, 04 May 2026 12:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22258
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D17 0
24 B 40ms
40ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BY8LD9ycDatDFLue7rNcPy6HM8AQAAAAAOAHgBAI&bg=!vL-lv93NAAYiAzjxAgM7AEcBe5WfOK7LtcshmvqGLcG696Rx2UWrB4Gk0ccZhysToHATFqytJI6kEeEMwFzv0z0qMFh1RQcQagFpAj5WHOxFGVs6esXVaQIAAABtUgAAAAJoAQd-ADW4gZsQLtdNioxtwvLlHbKz57F8n7KRXkSpwKOMSzgNO_WqYyfphK5qo1rij4dyWbBr6Udb2QoAdsQD4MlymgBGdJOtTmNise7ak3wvnnHjh_4ARaoIfIHdZrPgIKRxxx_XoiuCg-EXvK3xMhbvdWH1O78L54zNjyr1ZE2s-IByGKiRtocsQTIJLvqExUYFTyUElBCwMvsRMJttYIpSd5W62u8vGvEMElLx4RudxjqZAphWZO7q0epTAhjfrj8LXgMqaNO4d0gEAUGlYXpkpPKkBUgh2wwX_WLVsl51qmtOSHOmQCgWC79JNpmj_9QCuosdr3h7lmQTTDfLihwhadHlVA8Cf0n41ZJmDrXmEf4SV_oZv7JeK8TgwjHsC7ats9yegOIQ0GmXTu1sc3xZZpLJKo46vPJUaQmF4wOhNptwCLmLtvGl0UCoU9fz80TgSXVuf4kz_kNDt6Kz_FB0TFXALjkpjufwkJRriAb6m0R2l_8CyBSBo0GttkUnhQtIj4TVNoBX2Sc_h0bq0Z0Y2M3mLy9wa7wQPkXfQW1T0MkZoNiLYVfSUDgxqpmUIoBw_KecQmSZ7s48bNsrYIFuRzEMiflDD7TCRM011-PczY3MblNXbOhAtz4PsylnFdWuWcJGKKCRyIKXnefxR1N1CB22fwGWA9f4CaUpNOlHK7xP03H_ZBzNDOZJtMEAa7jB_axARLtzXmp6mxM94Y_OPm9Q1pwubkZRQd0fkAxedXI0uGIMYKDmAMC_7n_tOpVl-cyYhBqWY7GwoNkm9lzi0rdeOS0dOKp3cjTzEuoOZGhtytzAfi-yO52QljrhhBrx35tzAWMpDUyP9yD4Y0qioKbp2gx-OGAxOCyGoEyOJb3AG2aGDpHIBNL9EnJwa8jiqWPgQV_Mms7z7rXE7bANkmBDM6OtGLF7GaH2rzoVR4yxPE3w5TIMYlE4ZFE80oT1yyUK5i_pg_q_CqD08JO2PLHyQSQksXC-sUZgYOi7H_GBLrTRbrSBAdcnOOACZN1prUeSqDb6BwVCE5yFssboKlBuPWRzV1952uZNtkQc7tpcFnucvPxWrHIghib3hVpTbKV8uYXyC2RcrQx8sktjuIM-tuM6m-5o3PNW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 662C 0
40 B 9ms
8ms Image
text/plain 2a00:1450:4001:c13::84
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?rCWr2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:c13::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
cross-origin-resource-policy: cross-origin

GET
H3 206 3
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,... Frame ED59 3 MB
0 7ms
7ms Media
video/mp4 74.125.163.168
Google LLC

General

Check archive.org

Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.163.168 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra24s20-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Tue, 12 May 2026 13:15:36 GMT
last-modified: Mon, 04 Aug 2025 18:56:06 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: https://pagead2.googlesyndication.com
client-protocol: quic
access-control-allow-credentials: true
Content-Range: bytes 0-8017944/8017945
accept-ranges: bytes
access-control-allow-origin: https://pagead2.googlesyndication.com
Content-Length: 8017945
server: gvs 1.0

GET
H2 200 dc_oe=ChMIkJ3xxOqzlAMV5x3rBB3LEBNOEAAYACDv3qVyOhoIgo3akQUQ8Oi76doEGLCP2uQDINWMksy0FEITCJKbxMTqs5QDFZFKkQUd6k8jCUgAUDpY2K0DYNDevQ5okIeuywGCAX0KEwiSm8TE6rOUAxWRSpEFHepPIwkSEwjN6_DE6rOUAxXYUvYIHRYjLpU...
ade.googlesyndication.com/ddm/activity/ Frame ED59 42 B
404 B 99ms
42ms Image
image/gif 142.251.127.157
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.127.157 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfrai-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
pagead2.googlesyndication.com/pagead/interaction/ Frame ED59 42 B
69 B 24ms
23ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame ED59 0
33 B 48ms
47ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstFFrMb86aUrFF2u6k4DdsIgYrL-hWwEzMtL3_6MP3Aon6MN8xRS_a3Ec-VUMg5Yhyut5L5IsXNYDSoi5mGG8x5R9c34JcvRCegO0VnfuHPQRQ8ZZFI1gAQbcR0yZoCcdV_pJby6F0YHykmgoowh3UolAbJOnDW8qBwet04yRCOQsizS50ap26YvF1hPYNPTBzOREdkz53s3-GHECaN578WeTjPu-8PicXbJ1dPMBiIpYoScLJHDK5k-eF7WcUStnxb6jOemXEb1N1RnaEUZ9zKJbkDgw99EXZVsPR0P7HJngCOhAGYcnsrgVCbV--VCrMS9YGPZAr1qTuzwWDAazm37bLswdJfLMjfTPDYtd34pLqu3peV3u9HvG6slZVxtibMfQ45Kxh6ZX8x4E7NT8WIuehQLhrG4EAIny6sGtOkiURrYRzXtswq9C7GIvRAZ9y0H-CJOgbST4mHmzRfT71C6ce15lNnRR01_R7uyLBQglaP5BPhlar53sN692_q3d7hxuM3eB5bR-CShuuacrOP3EnHlRKUdEWrjuq6cYay394cDjDzBqXU8wCD4aV3eKq0hywuZVe1MW98smMb82iTK27MbkkghiL7OLg1j2qh1F0bvZWHtgaTr11fMeO36w8iEwlZUGATe45QKjGgfdO-BLiEkOdU66gZ-rdaW4NTyUVZ6SUbJHI2C1DG2ZInvZLJliK6EeGDMgAgoMBL4FzDUgJe8oP0z-7qPbRU1Px8Y-mvuUvP6STVYl0_EWjorMo0qzeyYRQKteoxoFVOjtSQhnX0fdp1afu52cKj2Q4jtQXaKzmQ8f5xVaAhg_9ib9PH7dvmi4C2XwjU9jhazWSVJv_5Pa3xpBD0WFyb5FxxaDuWSyrmwjPGpWtG_awKmTlf0dOetZGaYPO4kvBp2yl31dr7zerdMWE4V5tvI0MtEtbzkmWEyQFL2_0xfrGRG7Ih57vV0b3guKpLq1RF4kZoeH3AdTZ0pWkCAg-7ngFwePfQlrIwadhJM1LN5K3QrvQioG03tpUd3kmG7FkZobjX6VtKrtpFBePbKUg2TNFhvrtV0zLxM3zq1bBBcD4I6CyXpJe6xEI0MkMzhIqhl3fVqygE605Y84qKLNXRNeeKKtsjqbPO1dU-rfNYox8AjAzamfC92F0R6xC9MIH3foj3-Oih7wRRAV2tya-v0uC8jB6wd1rr2oFY7IXO0VbOnu1iudB-_b29yXaGTZiksAmSsZ9SWsiYQUobdC6IVYDpbl9EwIJe_IRdfry72DMOo1rOLWEF0TTbHt61G4tpH4Xx2qwG4rRCLyQUjzbm6hqmu9DvSeFlFsBaXHRhaDFv-OAt25OFAgMSXKAOKfzhoOJ7IuZ7AvST8rJtprS0O6vIuNnUraXqsYfB6s-vK0I8vHCpApVzpCwg43YqA6b6qzV9L-3ikD8nQ-iF1f9c5en3g-3Pd7PYWA&sig=Cg0ArKJSzDx21Ilpj_CeEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED59 0
24 B 42ms
42ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
pagead2.googlesyndication.com/pagead/interaction/ Frame ED59 42 B
69 B 25ms
25ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/html/r20260507/r20190131/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 csi
csi.gstatic.com/ Frame ED59 0
23 B 237ms
236ms Ping
image/gif 142.250.202.131
Google LLC

General

Check archive.org

Download Go to

Full URL

https://csi.gstatic.com/csi?v=2&s=osv&dmc=32&puid=5~mp2nliki&c=909306573436&slotId=454653286718&qqid=CJKbxMTqs5QDFZFKkQUd6k8jCQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=965&mt=video%2Fmp4&vs=640x360&dm=55000&met.4=vis.os~vil.uw~ff.v3~videopreviewstarted.v3&umsem=0&event_name=first_play&asset_bytes=204490&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20260420_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.202.131 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnfjra-al-in-f3.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: date,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pagead2.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 970A 42 B
70 B 50ms
50ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLcySNWGUCIcCigm2ilXN6TmREsLWVKjo_OBo1A3gjRURGPXl-SHalSFpDdLfE2I4PCu_WHc7v5M_rLwR_Pt6ziGXlntiqn12G5vIxc02jTUiQpp8Vv4EX-Ekg56k6vObSttcYLihgdFa5TZA66VqXWuQGZsWDRlpswYPmob3Nkg&sig=Cg0ArKJSzG5Zw9iR3NPgEAE&id=lidarv&acvw=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D15%26sdk%3Do%26p%3D1,164,119,373%26tm%3D3%26tu%3D0%26tos%3D0,0,3,0,0%26mtos%3D0,0,3,3,3%26mcvt%3D3%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D3%26is%3D33554707%26i0%3D33554707%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0&gv=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D15%26sdk%3Do%26p%3D1,164,119,373%26tm%3D3%26tu%3D0%26tos%3D0,0,3,0,0%26mtos%3D0,0,3,3,3%26mcvt%3D3%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D3%26is%3D33554707%26i0%3D33554707%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
pagead2.googlesyndication.com/pagead/interaction/ Frame 970A 42 B
69 B 26ms
26ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/interaction/?ai=Cd_of9ycDatLDAZGVxdwP6p-NSYPhmPyGAdWMksy0FMXKt4OnBRABIK_HoJIBYJXikIKgB8gBBakCw7gpPrGqCD6oAwHIA5sEqgT_AU_QJXEFQIb4Wn_hcaM6PQ77owRufT8l_t-iaL5RnHxIhHEztMFKsanYJdLBrs6g6A7OZ95XOD4CiGDAHeLuwJISYivhQHzmL8YMjKfuzjHYe2_BZ8KYOQ7sRL9glnL9mj-3Lm88oBQe62AUq0ZZkNeiSavi_UL-M31-akLlC1I7Y7FVkQh21oJ7zwWnLQ9m6jeWgtKazyyPgKMO2CYbLUdJ4Oa-JFJx3fAJsiTYTwcerUfU_I-KzWMYEoM-EVqI2ZxtE9p4CqBu2FypFMkMuHIrCLRUQikvbuRmMtTOmD4kKp3JiPgFKXm1vL6aljoZlmTiJ0Af5xs-nVUTS2VSpMAE8Oi76doE4AQDiAXPy8L8TqAGdoAHmJ2k4gSoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB-fXsQLYBwDSCDIIkeGAUBABGJ8DMgiri4CAoICACjoOAICAgICAlKiIAqiDgBBIvf3BOljBgsPE6rOUA4AKAcgLAYAMAaoNAkRF6g0TCKGixMTqs5QDFZFKkQUd6k8jCfANAYgOCbATk9ySIsgTsI_a5APQEwDYEwqIFALYFAHQFQHKFgIKAPgWAYAXAbIXBBgCUAboFwWyGAkSAtJSGHYiAQDQGQHYGQE&sigh=vPtkeWtSgZQ&label=active_view_start&ad_mt=%5BAD_MT%5D&acvw=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D0%26sdk%3Do%26p%3D1,164,119,373%26tm%3D3%26tu%3D0%26tos%3D0,0,3,0,0%26mtos%3D0,0,3,3,3%26mcvt%3D3%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D3%26is%3D33554707%26i0%3D33554707%26ic%3D33556754%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D3%26dfvs%3D0%26dvpt%3D3%26qmt%3D0,0,3,3,3%26qas%3D0%26qnv%3D0%26qmv%3D0&gv=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D0%26sdk%3Do%26p%3D1,164,119,373%26tm%3D3%26tu%3D0%26tos%3D0,0,3,0,0%26mtos%3D0,0,3,3,3%26mcvt%3D3%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D3%26is%3D33554707%26i0%3D33554707%26ic%3D33556754%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D3%26dfvs%3D0%26dvpt%3D3%26atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 dc_oe=ChMIkJ3xxOqzlAMV5x3rBB3LEBNOEAAYACDv3qVyOhoIgo3akQUQ8Oi76doEGLCP2uQDINWMksy0FEITCJKbxMTqs5QDFZFKkQUd6k8jCUgAUDpY2K0DYNDevQ5okIeuywGCAX0KEwiSm8TE6rOUAxWRSpEFHepPIwkSEwjN6_DE6rOUAxXYUvYIHRYjLpU...
ade.googlesyndication.com/ddm/activity/ Frame 73CE 42 B
108 B 89ms
44ms Image
image/gif 142.251.127.157
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkJ3xxOqzlAMV5x3rBB3LEBNOEAAYACDv3qVyOhoIgo3akQUQ8Oi76doEGLCP2uQDINWMksy0FEITCJKbxMTqs5QDFZFKkQUd6k8jCUgAUDpY2K0DYNDevQ5okIeuywGCAX0KEwiSm8TE6rOUAxWRSpEFHepPIwkSEwjN6_DE6rOUAxXYUvYIHRYjLpUiGgjPy8L8ThConenAAqgCgo3akQWwArCP2uQDKICHBzHDuCk-saoIPkAB4AEBgAIBmAIBoALVjJLMtBSoAgbAAnbIAq_HoJIBmgMEh4gTt9ADAw;dc_eps=AHas8cCldC8K0XUoKDsUicbN_RgugmPamA9DsTAsgfZN1XWLv7yCU_-Xh-uQPJnzqM87FIU_kQltzueR89SU6CbfuWi_pmZtnOHxzVUXGxgzBw;met=1;acvw=v%3D20260507%26bin%3D30%26cb%3Drxov%26e%3D0%26sdk%3Do%26p%3D1,164,119,373%26tm%3D6%26tu%3D0%26tos%3D0,0,6,0,0%26mtos%3D0,0,6,6,6%26mcvt%3D6%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D6%26is%3D33554707%26i0%3D33554707%26ic%3D33556754%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ces%3D200104%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D6%26dfvs%3D0%26dvpt%3D6%26qmt%3D0,0,6,6,6%26qas%3D0%26qnv%3D0%26qmv%3D0;gv=v%3D20260507%26bin%3D30%26cb%3Drxov%26e%3D0%26sdk%3Do%26p%3D1,164,119,373%26tm%3D6%26tu%3D0%26tos%3D0,0,6,0,0%26mtos%3D0,0,6,6,6%26mcvt%3D6%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D6%26is%3D33554707%26i0%3D33554707%26ic%3D33556754%26cs%3D33556754%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26c%3D0.71%26mc%3D0.71%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ces%3D200104%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D32%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D6%26dfvs%3D0%26dvpt%3D6%26atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=210001;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.127.157 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfrai-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 50ms
49ms Image
image/ 142.251.20.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=254&t=2&li=gda_r20260507&jk=1017319508765501&bg=!PzylPF7NAAYiAzjxAgM7AEcBe5WfOHeMvbBECe0A-TATJXMuqgNxpBol5iQDLh1NoAhZ9GHtYZLUvQJrxr9dBr_jpvnvSV3r-25BTmdxwMvDfprVxYcrFwIAAABAUgAAAAFoAQd-ADfntJts7SMtXG8OH4GmTKrjm8RLauwgYNPbJHtK1D9kV-moh6QyPGlakP1RV2NApWN1doNOfn2kCgA9qCaNun3W6T4522rLbnp3cuHq7gGAfNzNkjfsV4ExBuTFozanYXEfWnGENT_236XrDOyPSnQ-8AhN1NZd4pkCalso0xeF4Q6UsQqbWQa2XH8c51I1asVXdWMSkIfDdNd8tBe3zkEuDOL1pDTLsZkpzEpxPonsoBaX5c4-zIIQCA9QUzhh_T-ljNWcY2eXe7uTsXNGiWU2oqrbmZg8Nnujf4kH8sn_O6uf-ZO19AXNTgAXnTMswf4pZ-43VvIV6AhwkKB4fxEviHf-dHEb084ZBXGDIpUOFlNln2Cd9jbKpRh8RuqUpgZbHRc5iezKCYMAZSGndix37q4EUVpal7-_7hhO093BWVpXJ1YAWdFdpFnytJox6jPZqcXlTkp4DhE1coTOAnjqaU6EVYSPNIDicBq29bz3zyZHMtTskLkeiK07ko13GIPDV6Nmv-MaK7CWhWWez_fDR09pz_Nh6WniSZ2P4UwHMxeW2kzfXHnMPWcJEDOzOVLur3_-MVBJFdRdl6A0sCB-KXN71UQxL_lFQhjE0gs9RkaxupXNdaxs3SGvj7Msv84NXafpX_LjadsbQr-W6Jm_uXczTVO28dUOO2H0MJRhjGHrbujz8Ii-66yoFh-GcupZTWKoAlEvTkbEOOlDasXhMnPD7nYPkb0avt3Wtzd95duQd_EP6eEkpPORWJCvgXXlqR9ez6uRWGGnJwt4c48VzpesvnUmart0mJ3hBV7_OpDNMHKC3YvhwRveaTLx5MaCbO3WL6RaK1rHCCxHH1GfmESiMGCqpRFk6YSluP7We1dCAI4bcAYB7P0oFCtRHqosfpob8FujKuH5LVspRBlTluOSqv1cBRAv6qhJ3eKdBGMDv1SLrc2vrU5VbPNmzKlAWxwq9b6FlFtZyPdl0kNruzcFgQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.ohioauditor.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F6F 42 B
70 B 42ms
41ms Fetch
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0xN3kF2D1WPesQabwO572qPJ9qMkjiU5BM5CZLznuthNWXugprQ5MWle2Pvlx9e9sLn9tj_9pkezdDijSmNodDqKjO2i7vqiNaW8ib1nyOLtMpmcb_uBTwW0uXO4MXwhp5MOq00pZJZf3_X5LPtcicIv6swfujr_CqJ1KOLYVG5uZQlSbEt0taT0&sig=Cg0ArKJSzKoqkoRURHlTEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&tm=1066.599998474121&tu=66.9000015258789&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0%3D&vs=4&r=v&co=7452453500&rst=1778591734998&rpt=744&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1164850912048075&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1751974591&rafmt=1&to=qs&pwprc=5918584507&format=1200x280&url=https%3A%2F%2Fwww.ohioauditor.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&asro=0&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&fa=40&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0OC4wLjc3NzguOTYiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxNDguMC4wLjAiXSxbIkdvb2dsZSBDaHJvbWUiLCIxNDguMC4wLjAiXSxbIk5vdC1BLkJyYW5kIiwiMjQuMC4wLjAiXV0sMF0.&abgtt=6&dt=1778591734908&bpp=1&bdt=100&idt=80&shv=r20260507&mjsv=m202605070101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=757995601790&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=336&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098359%2C95387509%2C42533293&oid=2&pvsid=1017319508765501&tmod=183213165&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 970A 42 B
70 B 1660ms
1660ms Image
image/gif 142.251.13.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLcySNWGUCIcCigm2ilXN6TmREsLWVKjo_OBo1A3gjRURGPXl-SHalSFpDdLfE2I4PCu_WHc7v5M_rLwR_Pt6ziGXlntiqn12G5vIxc02jTUiQpp8Vv4EX-Ekg56k6vObSttcYLihgdFa5TZA66VqXWuQGZsWDRlpswYPmob3Nkg&sig=Cg0ArKJSzG5Zw9iR3NPgEAE&id=lidarv&acvw=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D9%26sdk%3Do%26p%3D1,164,119,373%26tm%3D2003%26tu%3D0%26tos%3D1595,368,40,0,0%26mtos%3D1595,1963,2003,2003,2003%26mcvt%3D2003%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D2003%26is%3D33554707%26i0%3D33554707%26ic%3D1%26cs%3D33556755%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26dtos%3D2003%26dtoss%3D1%26c%3D1%26mc%3D1%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D0%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D2000%26dfvs%3D1595%26dvpt%3D2000&gv=v%3D20260511%26bin%3D30%26cb%3Drxov%26e%3D9%26sdk%3Do%26p%3D1,164,119,373%26tm%3D2003%26tu%3D0%26tos%3D1595,368,40,0,0%26mtos%3D1595,1963,2003,2003,2003%26mcvt%3D2003%26ps%3D0,0%26scs%3D0,0%26bs%3D0,0%26a%3D0%26at%3D0%26dat%3D0%26amtos%3D0,0,0,0,0%26as%3D0%26vpt%3D2003%26is%3D33554707%26i0%3D33554707%26ic%3D1%26cs%3D33556755%26gmm%3D4%26nmt%3D0%26tcm%3D0%26dur%3D55000%26dtos%3D2003%26dtoss%3D1%26c%3D1%26mc%3D1%26nc%3D0.47%26lte%3D0.4661016949152542%26mv%3D0%26nv%3D0%26avms%3Domid%26psm%3D1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26omidp%3DGoogle2%26omidpv%3D0.0.0%26omidor%3D0%26omids%3Dh%26omidam%3Dl%26omidct%3Dvideo%26omidia%3D0%26nopd%3D0%26dvs%3D2000%26dfvs%3D1595%26dvpt%3D2000%26atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 12 May 2026 13:15:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 206 3
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/560398fca18cdada/itag/343/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1810127735/sparams/acao,ctier,expire,id,... Frame ED59 64 KB
0 0ms
0ms Media
video/mp4 74.125.163.168
Google LLC

General

Check archive.org

Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.163.168 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra24s20-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://pagead2.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="148", "Google Chrome";v="148", "Not-A.Brand";v="24"
Range: bytes=3310652-
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Tue, 12 May 2026 13:15:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Tue, 12 May 2026 13:15:36 GMT
last-modified: Mon, 04 Aug 2025 18:56:06 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: https://pagead2.googlesyndication.com
client-protocol: quic
access-control-allow-credentials: true
Content-Range: bytes 3310652-8017944/8017945
accept-ranges: bytes
access-control-allow-origin: https://pagead2.googlesyndication.com
Content-Length: 4707293
server: gvs 1.0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ohioauditor.org/	1970-01-21 23:39:11	Name: _ga_G4259FHN3G Value: GS2.1.s1778591735$o1$g0$t1778591735$j60$l0$h0
.ohioauditor.org/	1970-01-21 23:39:11	Name: _ga Value: GA1.1.1650354046.1778591735
.ohioauditor.org/	1970-01-21 18:22:23	Name: __eoi Value: ID=016fece7d7f73f67:T=1778591735:RT=1778591735:S=AA-AfjYJFfeQ_p3Eio7tcz5D2c3E

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ohioauditor.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Message: [GroupMarkerNotSet(crbug.com/242999)!:125C1F6550A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:125C0021B0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
csi.gstatic.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
imasdk.googleapis.com
ohioauditor.org
pagead2.googlesyndication.com
r2---sn-5hne6nz6.c.2mdn.net
r3---sn-4g5lznl7.c.2mdn.net
region1.google-analytics.com
static.addtoany.com
tpc.googlesyndication.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ohioauditor.org
107.180.41.239
142.250.202.131
142.251.127.157
142.251.13.132
142.251.13.156
142.251.14.94
142.251.20.156
172.66.171.172
192.178.183.155
2001:4860:4802:32::3
2001:4860:4802:34::36
2a00:1450:4001:c13::84
2a00:1450:4001:c13::9b
2a00:1450:4001:c17::5e
2a00:1450:4001:c21::61
2a00:1450:4001:c25::84
2a00:1450:400a:1000::5f
2a00:1450:400a:1001::65
74.125.100.199
74.125.163.168
74.125.206.155
02019a56847e149ee1544c13a302aa9987d8e496d38bd3cc8e3d54fb7d604184
06a91f3806c5e2944500fa952d92aff620594de57dde7bd0428fe598603e363f
0cd3a7f6e72319c0c012be14436d989fa294e657c0a3645f1a0f99afc773f6ae
1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc
1b1e450814698cfd54d68f041c25c741d2adbde4e8e31a256db1be23d413d96c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fed9a9f0c2575723702f958957d187a562ee172f0df5c1889e2d339676ab949
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
294f5a7e8c6ab412f4bc2cb5c340220954f5bbbf5932555c34ee15df39ada3c2
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
30afe7dffe3205be4f42ca739b4818867b997aac986b43be75943958695208bc
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
41da3adaac7bc1f3b65bb7b545ddc75e01c54aeb7e20041adaf3f38719d3f0c5
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
53d19123ff2ed00dd54939185bca727b5740e259f677f0e632917b8f3ad1dfa4
590f6b0ea574d56c72e66504ed8d3d9f5005d48d004f1ac01f395798ce1a1589
5bcc3aa180e7f26f643cd5b2621cd7c2de193d0661d913a94afd3d4881a7a34b
5ddabe47663dce323b5e45c2f934ab4623a1db3ef9d8b1a96121dd2c896689c6
5f9db619851137f6b5d5ee97fb9856459806e139e1abd90c5a559edc38530646
6604f32eb7497626f9877d5e56b6c10ad764c45193bf7738d7217a9a09be9f05
68e9ffb3e0ae248fd2f99436ba0efbdcf72f84e1274975a215a025f5a5d5f591
72869ba28dbe7dfde1cac4d1bd0ea84e491738e0fd578232aaaf90c693095b6c
7a8f7e654300ed4d2ec23cc8b66b72dcc471e30c3765c3b4c192f3f5deb14de0
83393d189a15d12f67572380a6924e151897dfc50b74834caa96b123d0869c1d
8b925b4e5891d39f0ce66a499c87d39286e308916e3ad36dcd22b7548079d30f
9cd5aa05f0dec2cf179ea8a206308a208a1c411ef36592c601acb0585dffcad3
a5704a2c59946dd10ea8fecb69b31deb6e729501433422fbad8da4ac0abd58da
b41b7d5a5242b41494fdbb38f5cabcce000bf075d1cb7af4a9bb28e89523a03a
b8fe4c1045a617e0825f881fd4d200db7e027d9dfa4be4f25905d73156ac0342
bc38f6c39c088f7020d66d05f51204e27bb1b6685f4f92d4555abe20fe247912
be366c696c4d79315aa4e817ddedc09b7f6dc13ee0456dba3377aea5a75a9849
c3e646e385b7f7fa06a4ff8d6a1c628b92948b58fec797f37c357257ed61e7c5
c92e82828cdd0d552fe0f769a91427c6f0df8b06f7252abea603ab53d8f4e2ef
cb0a81e3b65b55f5686972c4337591bfe6f2b9113e5965942c2141d53ad1f477
cb8d603426932f2666666f4bd32b3dde726161c7f7413e385d2e124e6e03039c
cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264
cca5cfe00f3c3bc1f188967810d2f69e61f601c705b9a77611f4acae79ff563d
cf15c97fe35c689ed643a78b263b5aae0f2f2eff66c7593fbaf86dc9b536cc8d
cf5dd4a82416e8527e3b3cd4850c7000f40b971bf36a750f21a421764e2bbe0c
d2263711c4bed4e203c88ed278049c80d1d3b1fff690be0b3a516749cbb38c58
d7dc228520e1ad12b0367cd65bc8547945f64f046ad58b106a21e2f3ac9a9731
d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0
e02661045878986f965e26cfc34f3b85d5450f80491c98d5f00472dc4c6f8707
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc6feef49f4a4b66fe2e52c683234c4f7cbec1c7845b27098c939e77f4a2af
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ec4f0e0cb9931671ad2fb330b70b42215e029486d6f6148086db52b9e92456
f7fb54c58fa186a99c05a7ee4518a13df0553ed06b39e375f0d3190faa614123
fd3b9caaa2802b5afabfd40b73ee5ed7727b92185e5d185fb1a908e181af7fc7
fe2eddeaa8adad53d570fdeeb04412a07ec65ad99b25fe5beb092dfe4fb78cc9

www.ohioauditor.org 107.180.41.239 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

43 %IPv6

11 Domains

20 Subdomains

20 IPs

4 Countries

1237 kBTransfer

6692 kBSize

3 Cookies

9 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ohioauditor.org
107.180.41.239 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

43 %
IPv6

11
Domains

20
Subdomains

20
IPs

4
Countries

1237 kB
Transfer

6692 kB
Size

3
Cookies

86 HTTP transactions
2 data transactions